If, by 'default password' you mean a single value like 'password' I can think of two brute-force ways to do it:
- Write a script that tries to connect to each user with 'password'.
- In a different ('sandbox') database, create all of the usernames in the scope of your study, and set the password for each to 'password'. Then compare the resulting password hash in DBA_USERS.PASSWORD between the two databases. Anyone with the same password hash is using the default password.